package cn.medemede.beans;

import cn.medemede.dao.DatabaseConnection;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.sql.*;


public class Do_change implements Action{
    @Override
    public String execute(HttpServletRequest request, HttpServletResponse response) throws Exception {
        request.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out=response.getWriter();
        String forward="change_failed";
        String Register_name=request.getParameter("username");
        String Register_password=request.getParameter("new_password");
        String old_password=request.getParameter("old_password");
        String zname=request.getParameter("zname");
        String sex=request.getParameter("sex");
        String borth=request.getParameter("borth");
        String phone=request.getParameter("phone");
        String zposition=request.getParameter("province")+" "+request.getParameter("city");
        String email=request.getParameter("email");
        String[] favorite=request.getParameterValues("favorite");
        String favorite_s=null;
        if(favorite!=null)
            for (String s:favorite) {
                favorite_s+=s+" ";
            }

        try {
            Connection connection = DatabaseConnection.getConnection();
            String sql = "select * from users where username='"+Register_name+"' and password='"+old_password+"'";
            if(connection!=null) {
                System.out.println("-------数据库连接成功！-------");
                out.println("-------数据库连接成功！-------");
                Statement statement = connection.createStatement();
                ResultSet rs = statement.executeQuery(sql);
                if (rs.next()) {
                    String InsertSQL = "UPDATE users SET password=?,zname=?,sex=?,borth=?,phone=?,zposition=?,email=?,favorite=? WHERE username=?";
                    PreparedStatement ps=connection.prepareStatement(InsertSQL);
                    ps.setString(1,Register_password);
                    ps.setString(2,zname);
                    ps.setString(3,sex);
                    ps.setString(4,borth);
                    ps.setString(5,phone);
                    ps.setString(6,zposition);
                    ps.setString(7,email);
                    ps.setString(8,favorite_s);

                    int FLAG = ps.executeUpdate();

                    if (FLAG > 0) {
                        System.out.println("修改成功！");
                        out.println("-------修改成功！-------");
                        forward="change_suc";
                    } else {
                        out.println("-------修改失败！-------");
                        forward="change_failed";
                    }
                }else {
                    System.out.println("密码错误或用户不存在!");
                    out.println("修改失败！---密码错误或用户不存在!-----");
                    forward="change_failed";
                }
                DatabaseConnection.releaseResources(rs,statement,connection);
            }else {
                System.out.println("错误！------数据库连接失败！");
                out.println("-----错误！------数据库连接失败！-----");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return forward;
    }
}
